cvedb.io
CVE-2025-52054
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2025-08-28T15:16:00.917 · Last modified 2026-06-17T09:35:58.667

Summary

An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two octets of the MAC address of the device. This allows an unauthenticated attacker to authenticate with network services on the device.

Affected products

tenda — ac8_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when tenda ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.